Browse all 4 CVE security advisories affecting Exrick. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Exrick primarily serves as a web application framework used for building enterprise solutions. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The framework's components frequently contain input validation weaknesses and insecure default configurations. With four CVEs recorded, Exrick has demonstrated recurring patterns in authentication bypass and session management vulnerabilities. While no major public security incidents have been widely documented, the consistent discovery of similar flaw types across versions suggests potential systemic issues in its security architecture. Organizations implementing Exrick should prioritize regular updates and hardening of default settings to mitigate these recurring risks.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-8528 | Exrick xboot getMenuList sensitive information in a cookie — xboot, CWE-315 | 3.7 | Low | 2025-08-04 |
| CVE-2025-8527 | Exrick xboot Swagger SecurityController.java server-side request forgery — xboot, CWE-918 | 6.3 | Medium | 2025-08-04 |
| CVE-2025-8526 | Exrick xboot UploadController.java upload unrestricted upload — xboot, CWE-434 | 6.3 | Medium | 2025-08-04 |
| CVE-2025-8525 | Exrick xboot Spring Boot Admin/Spring Actuator information disclosure — xboot, CWE-200 | 5.3 | Medium | 2025-08-04 |

This page lists every published CVE security advisory associated with Exrick. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.